the staff of the Ridgewood blog
Ridgewood NJ, the NJCCIC observed multiple banking-themed phishing campaigns attempting to be delivered to New Jersey State employees to steal account credentials or personally identifiable information (PII). In one campaign, threat actors spoofed the display name for Customers Bank, which has multiple locations in the United States and New Jersey; however, the sender’s email address was unassociated to the bank. The subject lines may contain keywords such as notification, alert, action required, important verification, and important notification. The non-personalized email informs the target that a temporary hold has been placed on their account due to a failed identity verification. The target is then advised to click a link included in the email, which has been identified as phishing and malicious by VirusTotal.
Continue reading Scammers Target Bank Customers to Steal Customer Passwords